This specification generally relates to cyber-security. Cyber-security of an organization is affected by each user within the organization. Every action of every user has an effect on the security of the overall organization.